Blog

Cybercriminals are Targeting Universities with Ransomware: Are You Next?

April 15, 2021
Cybercriminals are Targeting Universities with Ransomware: Are You Next?

Cybercriminals are holding student data up for ransom across several universities.

While students have been packing up their backpacks and returning to class after a prolonged “learn-from-home” setting, cybercriminals have kept their “nose to the keyboard” and conspiring ways to exploit brittle systems for money. Unfortunately, a nationwide ransomware attack has shown that scammers’ efforts are paying off.

Within the last few weeks, several large universities have been targeted in a ransomware cyberattack that has spread like wildfire all over the country. While the attack affected multiple universities, over 300 organizations have now reported they were victims of the attacks, which also included businesses and government agencies.

The hackers took advantage of a vulnerability in a widely used 20-year-old file transfer system called Accellion to hold stolen student information hostage until victims pay a ransom. If no, this sensitive information has been threatened to be published onto the dark web, open to any identity thief that wants it.

What is a ransomware attack?

Ransomware is a type of malware that intentionally encrypts a victim’s files.

It’s referred to as ransomware because the attackers demand ransom from the victim to gain back access to their data. In many of the recent cases reported, the attackers have taken screenshots of the files they’ve stolen containing sensitive information and are demanding they pay them $10 million in order to get it back. Schools have also reported they have been receiving mass emails sent to staff and students that are intentionally injecting fear into them in an attempt to further extort money. 

Attackers used Clop ransomware for this attack, a malware that encrypts systems and exploits data that can be published to a leak site if the victim refuses to pay back the ransom.

How did this happen and how can you prevent it?

How does this even happen? Well, to put it simply, all it takes is a little trickery from the cybercriminals’ end. Clop ransomware can be packaged up and sent with a neat little bow in the form of an email or combined with social engineering. That’s why it’s so important to understand what you’re clicking on in an email before you click it.

Here are some questions to ask yourself before you ever click on links or open attachments in your email:

  • Do you know the sender? Is it an individual or company you know and trust? Do you even have an account with this company?

  • Is the email from a legitimate source? A reputable company wouldn’t have an email address that wasn’t from their main domain. For example, Amazon won’t send you an email from “[email protected]” Do your homework before taking any action. If something smells fishy, it probably is.

  • Is the subject line and email employing an urgent, emotional message for you to act fast? Spoiler alert: That’s so that they can make you act now and think later. Don’t let phrases like “URGENT” and “Log In Now Before It’s Too Late” taunt you and stop you from doing your research.

If you do get an email that’s on the sketchy side of things, forward it to your boss/authority at your school, or simply delete it.

Having a strong security system is not just a "Nice to Have" anymore.

Having a system that detects when your personal information has been compromised and alerts you right away is a “need-to-have” nowadays. In a world where data attacks and cybercrime has become more and more rampant, the need to protect yourself and your data is critical.

IDhield can help by monitoring your online accounts and alerting you immediately when your information has been compromised. Don’t wait until a crime like this happens to you or your business. Learn more about IDShield.


IDShield is a product of Pre-Paid Legal Services, Inc. d/b/a LegalShield (“LegalShield”). LegalShield provides access to identity theft protection and restoration services. For complete terms, coverage, and conditions, please see an identity theft plan. All Licensed Private Investigators are licensed in the state of Oklahoma. This is meant to provide general information and is not intended to provide legal advice, render an opinion, or provide any specific recommendations. 

Let IDShield Help Protect Your Data and Identity Today.